Package com.google.crypto.tink.subtle

Class AesSiv

java.lang.Object

com.google.crypto.tink.subtle.AesSiv

All Implemented Interfaces:

DeterministicAead

public final class AesSiv
extends java.lang.Object
implements DeterministicAead

AES-SIV, as described in RFC 5297.

Each AES-SIV key consists of two sub keys. To meet the security requirements of DeterministicAead, each sub key must be 256 bits. The total size of ASE-SIV keys is then 512 bits.

Since:

1.1.0

Field Summary

Fields

Modifier and Type	Field	Description
static TinkFipsUtil.AlgorithmFipsCompatibility	FIPS

Constructor Summary

Constructors

Constructor	Description
AesSiv(byte[] key)

Method Summary

Modifier and Type	Method	Description
static DeterministicAead	create(AesSivKey key)
byte[]	decryptDeterministically(byte[] ciphertext, byte[] associatedData)	Deterministically decrypts ciphertext with associatedData as associated authenticated data.
byte[]	encryptDeterministically(byte[] plaintext, byte[] associatedData)	Deterministically encrypts plaintext with associatedData as associated authenticated data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

FIPS

public static final TinkFipsUtil.AlgorithmFipsCompatibility FIPS

Constructor Detail

AesSiv

public AesSiv(byte[] key)
       throws java.security.GeneralSecurityException

Throws:

java.security.GeneralSecurityException

Method Detail

create

public static DeterministicAead create(AesSivKey key)
                                throws java.security.GeneralSecurityException

Throws:

java.security.GeneralSecurityException

encryptDeterministically

public byte[] encryptDeterministically(byte[] plaintext,
                                       byte[] associatedData)
                                throws java.security.GeneralSecurityException

Description copied from interface: DeterministicAead

Deterministically encrypts plaintext with associatedData as associated authenticated data.

Warning

Encrypting the same plaintext multiple times protects the integrity of that plaintext, but confidentiality is compromised to the extent that an attacker can determine that the same plaintext was encrypted.

The resulting ciphertext allows for checking authenticity and integrity of associated data (associatedData), but does not guarantee its secrecy.

Specified by:

encryptDeterministically in interface DeterministicAead

Returns:

resulting ciphertext

Throws:

java.security.GeneralSecurityException

decryptDeterministically

public byte[] decryptDeterministically(byte[] ciphertext,
                                       byte[] associatedData)
                                throws java.security.GeneralSecurityException

Description copied from interface: DeterministicAead

Deterministically decrypts ciphertext with associatedData as associated authenticated data.

The decryption verifies the authenticity and integrity of the associated data, but there are no guarantees wrt. secrecy of that data.

Specified by:

decryptDeterministically in interface DeterministicAead

Returns:

resulting plaintext

Throws:

java.security.GeneralSecurityException